<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
  <title>Module: ActiveRecordPermissions::Permissions</title>
  <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
  <meta http-equiv="Content-Script-Type" content="text/javascript" />
  <link rel="stylesheet" href="../.././rdoc-style.css" type="text/css" media="screen" />
  <script type="text/javascript">
  // <![CDATA[

  function popupCode( url ) {
    window.open(url, "Code", "resizable=yes,scrollbars=yes,toolbar=no,status=no,height=150,width=400")
  }

  function toggleCode( id ) {
    if ( document.getElementById )
      elem = document.getElementById( id );
    else if ( document.all )
      elem = eval( "document.all." + id );
    else
      return false;

    elemStyle = elem.style;
    
    if ( elemStyle.display != "block" ) {
      elemStyle.display = "block"
    } else {
      elemStyle.display = "none"
    }

    return true;
  }
  
  // Make codeblocks hidden by default
  document.writeln( "<style type=\"text/css\">div.method-source-code { display: none }</style>" )
  
  // ]]>
  </script>

</head>
<body>



    <div id="classHeader">
        <table class="header-table">
        <tr class="top-aligned-row">
          <td><strong>Module</strong></td>
          <td class="class-name-in-header">ActiveRecordPermissions::Permissions</td>
        </tr>
        <tr class="top-aligned-row">
            <td><strong>In:</strong></td>
            <td>
                <a href="../../files/vendor/plugins/active_scaffold/lib/active_record_permissions_rb.html">
                vendor/plugins/active_scaffold/lib/active_record_permissions.rb
                </a>
        <br />
            </td>
        </tr>

        </table>
    </div>
  <!-- banner header -->

  <div id="bodyContent">



  <div id="contextContent">



   </div>

    <div id="method-list">
      <h3 class="section-bar">Methods</h3>

      <div class="name-list">
      <a href="#M000048">authorized_for?</a>&nbsp;&nbsp;
      <a href="#M000049">existing_record_check?</a>&nbsp;&nbsp;
      <a href="#M000047">included</a>&nbsp;&nbsp;
      </div>
    </div>

  </div>


    <!-- if includes -->

    <div id="section">

    <div id="class-list">
      <h3 class="section-bar">Classes and Modules</h3>

      Module <a href="Permissions/ClassMethods.html" class="link">ActiveRecordPermissions::Permissions::ClassMethods</a><br />

    </div>




      


    <!-- if method_list -->
    <div id="methods">
      <h3 class="section-bar">Public Class methods</h3>

      <div id="method-M000047" class="method-detail">
        <a name="M000047"></a>

        <div class="method-heading">
          <a href="#M000047" class="method-signature">
          <span class="method-name">included</span><span class="method-args">(base)</span>
          </a>
        </div>
      
        <div class="method-description">
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000047-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000047-source">
<pre>
    <span class="ruby-comment cmt"># File vendor/plugins/active_scaffold/lib/active_record_permissions.rb, line 64</span>
64:     <span class="ruby-keyword kw">def</span> <span class="ruby-keyword kw">self</span>.<span class="ruby-identifier">included</span>(<span class="ruby-identifier">base</span>)
65:       <span class="ruby-identifier">base</span>.<span class="ruby-identifier">extend</span> <span class="ruby-constant">ClassMethods</span>
66:     <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <h3 class="section-bar">Public Instance methods</h3>

      <div id="method-M000048" class="method-detail">
        <a name="M000048"></a>

        <div class="method-heading">
          <a href="#M000048" class="method-signature">
          <span class="method-name">authorized_for?</span><span class="method-args">(options = {})</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
A generic authorization query. This is what will be called programatically,
since the actual permission methods can&#8216;t be guaranteed to exist. And
because we want to intelligently combine multiple applicable methods.
</p>
<p>
options[:action] should be a CRUD verb (:create, :read, :update, :destroy)
options[:column] should be the name of a model attribute
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000048-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000048-source">
<pre>
    <span class="ruby-comment cmt"># File vendor/plugins/active_scaffold/lib/active_record_permissions.rb, line 74</span>
74:     <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">authorized_for?</span>(<span class="ruby-identifier">options</span> = {})
75:       <span class="ruby-identifier">raise</span> <span class="ruby-constant">ArgumentError</span>, <span class="ruby-node">&quot;unknown action #{options[:action]}&quot;</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:action</span>] <span class="ruby-keyword kw">and</span> <span class="ruby-operator">!</span>[<span class="ruby-identifier">:create</span>, <span class="ruby-identifier">:read</span>, <span class="ruby-identifier">:update</span>, <span class="ruby-identifier">:destroy</span>].<span class="ruby-identifier">include?</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:action</span>])
76: 
77:       <span class="ruby-comment cmt"># collect the possibly-related methods that actually exist</span>
78:       <span class="ruby-identifier">methods</span> = [
79:         <span class="ruby-identifier">column_security_method</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:column</span>]),
80:         <span class="ruby-identifier">action_security_method</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:action</span>]),
81:         <span class="ruby-identifier">column_and_action_security_method</span>(<span class="ruby-identifier">options</span>[<span class="ruby-identifier">:column</span>], <span class="ruby-identifier">options</span>[<span class="ruby-identifier">:action</span>])
82:       ].<span class="ruby-identifier">compact</span>.<span class="ruby-identifier">select</span> {<span class="ruby-operator">|</span><span class="ruby-identifier">m</span><span class="ruby-operator">|</span> <span class="ruby-identifier">respond_to?</span>(<span class="ruby-identifier">m</span>)}
83: 
84:       <span class="ruby-comment cmt"># if any method returns false, then return false</span>
85:       <span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">false</span> <span class="ruby-keyword kw">if</span> <span class="ruby-identifier">methods</span>.<span class="ruby-identifier">any?</span> {<span class="ruby-operator">|</span><span class="ruby-identifier">m</span><span class="ruby-operator">|</span> <span class="ruby-operator">!</span><span class="ruby-identifier">send</span>(<span class="ruby-identifier">m</span>)}
86: 
87:       <span class="ruby-comment cmt"># if any method actually exists then it must've returned true, so return true</span>
88:       <span class="ruby-keyword kw">return</span> <span class="ruby-keyword kw">true</span> <span class="ruby-keyword kw">unless</span> <span class="ruby-identifier">methods</span>.<span class="ruby-identifier">empty?</span>
89: 
90:       <span class="ruby-comment cmt"># if no method exists, return the default permission</span>
91:       <span class="ruby-keyword kw">return</span> <span class="ruby-constant">ActiveRecordPermissions</span>.<span class="ruby-identifier">default_permission</span>
92:     <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>

      <div id="method-M000049" class="method-detail">
        <a name="M000049"></a>

        <div class="method-heading">
          <a href="#M000049" class="method-signature">
          <span class="method-name">existing_record_check?</span><span class="method-args">()</span>
          </a>
        </div>
      
        <div class="method-description">
          <p>
Because any class-level queries get delegated to the instance level via a
new record, it&#8216;s useful to know when the authorization query is meant
for a specific record or not. But using new_record? is confusing, even
though accurate. So this is basically just a wrapper.
</p>
          <p><a class="source-toggle" href="#"
            onclick="toggleCode('M000049-source');return false;">[Source]</a></p>
          <div class="method-source-code" id="M000049-source">
<pre>
    <span class="ruby-comment cmt"># File vendor/plugins/active_scaffold/lib/active_record_permissions.rb, line 97</span>
97:     <span class="ruby-keyword kw">def</span> <span class="ruby-identifier">existing_record_check?</span>
98:       <span class="ruby-operator">!</span><span class="ruby-identifier">new_record?</span>
99:     <span class="ruby-keyword kw">end</span>
</pre>
          </div>
        </div>
      </div>


    </div>


  </div>


<div id="validator-badges">
  <p><small><a href="http://validator.w3.org/check/referer">[Validate]</a></small></p>
</div>

</body>
</html>